US court says WHOIS Privacy Considered “Material Falsification”
Finally, a little common sense and a nice precedent. A US court has determined that the act of spamming, combined with using a whois privacy serve, contravenes the country's "CAN SPAM" laws. It ruled that the use of a whois privacy service constitutes a deliberate attempt to mislead internet users. http://www.domainnamenews.com/legal-issues/whois-privacy-material-falsificat... -- Evan Leibovitch evan@telly.org
On 17 Jan 2010, at 02:20, Evan Leibovitch wrote:
Finally, a little common sense and a nice precedent. A US court has determined that the act of spamming, combined with using a whois privacy serve, contravenes the country's "CAN SPAM" laws. It ruled that the use of a whois privacy service constitutes a deliberate attempt to mislead internet users.
http://www.domainnamenews.com/legal-issues/whois-privacy-material-falsificat...
Evan What are you getting at exactly? Regards Michele Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 UK: 0844 484 9361 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
serve, contravenes the country's "CAN SPAM" laws. It ruled that the use of a whois privacy service constitutes a deliberate attempt to mislead internet users.
http://www.domainnamenews.com/legal-issues/whois-privacy-material-falsificat...
What are you getting at exactly?
Legitimate businesses do not hide behind anonymous domain registrations. Now an important US court agrees. R's, John
On 01/17/2010 11:56 AM, John R. Levine wrote:
Legitimate businesses do not hide behind anonymous domain registrations.
I disagree. When companies come up with new products but while they are still thinking of a product name they will go out and acquire all the domain names for every candidate name of the product. They will do this using an intermediary, often a lawyer to get the belief that there is atty-client or work-product privilege and get the reality of a layer of isolation. This is a legitimate way of preparing for a product launch. I get several thousand spams a day. I hate spammers in general and I reserve a special place for joe jobbers - http://www.cavebear.com/cbblog-archives/000236.html However, I do not accept the argument that we should cut our own privacy noses off in order to create a worthless aura that we are somehow harming spammers. For some reason relatively few people know that if one wants to track down sources, the IP address registration "whois" maintained by the RIRs is a more reliable way to locate someone who has control of a network path or machine than is the domain name "whois". By-the-way, there are reasons to believe that Can-Spam could fail a Constitutional challenge, particularly for domain names used in a political or religious context or when it affects the exercise of a fundamental right. --karl--
I am going to disagree on this. CAN-SPAM is limited to commercial e-mail. Your application of whois privacy to yet to be released products fails. The specific provision of CAN-SPAM that addresses this applies to the use in commercial e-mails. Why would a legitimate business be advertising a not-released product while it hides its relation to the product?
On 01/17/2010 11:56 AM, John R. Levine wrote:
Legitimate businesses do not hide behind anonymous domain registrations.
I disagree.
When companies come up with new products but while they are still thinking of a product name they will go out and acquire all the domain names for every candidate name of the product. They will do this using an intermediary, often a lawyer to get the belief that there is atty-client or work-product privilege and get the reality of a layer of isolation. This is a legitimate way of preparing for a product launch.
I get several thousand spams a day. I hate spammers in general and I reserve a special place for joe jobbers - http://www.cavebear.com/cbblog-archives/000236.html
However, I do not accept the argument that we should cut our own privacy noses off in order to create a worthless aura that we are somehow harming spammers.
For some reason relatively few people know that if one wants to track down sources, the IP address registration "whois" maintained by the RIRs is a more reliable way to locate someone who has control of a network path or machine than is the domain name "whois".
By-the-way, there are reasons to believe that Can-Spam could fail a Constitutional challenge, particularly for domain names used in a political or religious context or when it affects the exercise of a fundamental right.
--karl--
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...
At-Large Official Site: http://atlarge.icann.org
On 01/17/2010 12:50 PM, Bill Silverstein wrote:
By-the-way, there are reasons to believe that Can-Spam could fail a Constitutional challenge, particularly for domain names used in a political or religious context or when it affects the exercise of a fundamental right.
I am going to disagree on this. CAN-SPAM is limited to commercial e-mail.
The V.. g.. r.. a type drug for example, oft the content of spam, pertains, arguably, to the fundamental right of procreation (which would thus trigger some strong Constitutional protections.) Are Nigerian princes who only need your help to release piles of money engaged in commercial or personal outreach? Drawing lines between commercial and non-commercial activities are hard and a clever person can slip-and-slide to whichever side of the line is most convenient for a given situation.
Your application of whois privacy to yet to be released products fails. The specific provision of CAN-SPAM that addresses this applies to the use in commercial e-mails. Why would a legitimate business be advertising a not-released product while it hides its relation to the product?
I'm was pointing out but one example of when people/corporations quite reasonably seek not to have a direct contact listed in "whois". To my mind the argument that "not listing myself in whois" ==>therefore==> "an act that is otherwise lawful becomes unlawful" is a very poor argument because it not only ignores the reasons why one might want privacy but, also, goes so far as to switch the burden of proof so that a person must justify his/her privacy rather than putting the burden onto the person who desires to penetrate privacy. --karl--
The V.. g.. r.. a type drug for example, oft the content of spam, pertains, arguably, to the fundamental right of procreation (which would thus trigger some strong Constitutional protections.)
Are Nigerian princes who only need your help to release piles of money engaged in commercial or personal outreach?
Hi, Karl. Nice try at satirical performance art, but, honestly, it's not funny enough. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
On 01/17/2010 12:50 PM, Bill Silverstein wrote:
By-the-way, there are reasons to believe that Can-Spam could fail a Constitutional challenge, particularly for domain names used in a political or religious context or when it affects the exercise of a fundamental right.
I am going to disagree on this. CAN-SPAM is limited to commercial e-mail.
The V.. g.. r.. a type drug for example, oft the content of spam, pertains, arguably, to the fundamental right of procreation (which would thus trigger some strong Constitutional protections.)
Are Nigerian princes who only need your help to release piles of money engaged in commercial or personal outreach?
Drawing lines between commercial and non-commercial activities are hard and a clever person can slip-and-slide to whichever side of the line is most convenient for a given situation.
Really? I thought you might have read ROWAN v. U. S. POST OFFICE DEPT. , 397 U.S. 728 for some guidance on this. Anyways, if one can't procreate without drugs, I don't think they should be procreating since it is God's will.
To my mind the argument that "not listing myself in whois" ==>therefore==> "an act that is otherwise lawful becomes unlawful" is a very poor argument because it not only ignores the reasons why one might want privacy but, also, goes so far as to switch the burden of proof so that a person must justify his/her privacy rather than putting the burden onto the person who desires to penetrate privacy.
--karl--
The current rule is that one is required to identify him/her/itself when registering a domain. If you buy a house, you list your name on the title. If a third party is listed on the title, they are liable for the damages caused by the house and the house may be taken if the person listed owes money.
Bill Silverstein wrote:
The current rule is that one is required to identify him/her/itself when registering a domain. If you buy a house, you list your name on the title. If a third party is listed on the title, they are liable for the damages caused by the house and the house may be taken if the person listed owes money.
Sorry, that's the rule as you might like it to be, not the rule as it is. A domain name is neither a piece of real property nor an automobile. Certain (misguided) additions to US law increase the penalties -- to the wrongdoer -- for violations if domain WHOIS information is inaccurate, but do not make the listed holder liable for wrongs committed using the domain. --Wendy -- Wendy Seltzer -- wendy@seltzer.org Fellow, Silicon Flatirons Center at University of Colorado Law School Fellow, Berkman Center for Internet & Society at Harvard University http://cyber.law.harvard.edu/seltzer.html http://www.chillingeffects.org/ https://www.torproject.org/
On 01/17/2010 06:26 PM, Bill Silverstein wrote:
On 01/17/2010 12:50 PM, Bill Silverstein wrote:
Drawing lines between commercial and non-commercial activities are hard and a clever person can slip-and-slide to whichever side of the line is most convenient for a given situation.
Really? I thought you might have read ROWAN v. U. S. POST OFFICE DEPT. , 397 U.S. 728 for some guidance on this.
That case is on an entirely different matter, in particular whether a recipient of a letter can instruct the US postal service (at that time, clearly an arm of the US gov't) to forward request to a sender to remove that recipient from a mailing list. There are due-process procedures that occur if the sender is believed to have failed to do so. That case does not deal with the situation surrounding whois, a situation which, without even an accusation of criminal activity, the entire world is allowed to directly penetrate the privacy of any and every domain name holder. That case also did not squarely address the speech issues that arise if the content is arguably political, religious, or affecting a fundamental right (such as procreation). The statute in question was agnostic about the type of content. The case was more about the right of a recipient to block delivery than about the right of senders to send.
To my mind the argument that "not listing myself in whois" ==>therefore==> "an act that is otherwise lawful becomes unlawful" is a very poor argument because it not only ignores the reasons why one might want privacy but, also, goes so far as to switch the burden of proof so that a person must justify his/her privacy rather than putting the burden onto the person who desires to penetrate privacy.
The current rule is that one is required to identify him/her/itself when registering a domain. If you buy a house, you list your name on the title. If a third party is listed on the title, they are liable for the damages caused by the house and the house may be taken if the person listed owes money.
The current "rule" is merely a contract provision put into place between ICANN and registrars without the consent of those who's privacy is being penetrated; it is a rule was put into place in a way that reeks of collusion and restraint of trade. Moreover, houses can easily and quite legally be bought via intermediaries that hide the name of the beneficial owner. And even though houses can be used for nefarious purposes the use of such intermediaries does not bootstrap the publication of the names of each and every beneficial owners simply because someone might, sometime, perhaps, engage in improper activities. What is bothering me in all of the is is the ease in which many of us use end-justifies-means logic to dismiss the need for due process. In the race to put spammers on the gallows we seem to forget the collateral damage. I'm happy to deal harshly with spammers, and particularly joe jobbers, *after* they have been fairly tried and found guilty, but not before. Of course we also forget that the real instigators behind open whois are the intellectual property protection industry who stir the pot and benefit from the resulting ability to find potential targets for unreasonable and coercive (OK, sometimes, on occasion, reasonable) cease and desist letters. --karl--
Legitimate businesses do not hide behind anonymous domain registrations.
I disagree.
When companies come up with new products but while they are still thinking of a product name they will go out and acquire all the domain names for every candidate name of the product. They will do this using an intermediary, often a lawyer to get the belief that there is atty-client or work-product privilege and get the reality of a layer of isolation. This is a legitimate way of preparing for a product launch.
Well, I have to admire your dogged creativity in defending the privacy rights of criminals, but in this case, it would have helped if you'd read the decision. In this case the defendants were sending porn spam from addresses hidden behind WHOIS privacy services, which the court agreed was fraudulent. Do you really think that a court would find a genuine nominee, which understands the responsiblity for the actions its client may take in its name, to be fraudulent? Don't be ridiculous.
By-the-way, there are reasons to believe that Can-Spam could fail a Constitutional challenge, particularly for domain names used in a political or religious context or when it affects the exercise of a fundamental right.
Could you point out the sections of CAN SPAM that regulate political or religious speech? Here's a link to the law: http://www.law.cornell.edu/uscode/html/uscode15/usc_sup_01_15_10_103.html R's, John
On 01/17/2010 01:47 PM, John R. Levine wrote:
Well, I have to admire your dogged creativity in defending the privacy rights of criminals
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections. In our US Constitutional system the proper path is for a search warrant that specifically describes the place and scope of the search to be issued by a court of competent jurisdiction and upon evidence of probable cause that a crime has been committed. One of the problems with the ICANN system is that it is a proxy for police action but does so without the Constitutional protections that guide police activity. We've already seen how enforcement bodies, such as the FTC, that perfectly well know how to obtain subpoenas, get lazy and use ICANN and whois to operate outside Constitutional constraints. You might think spammers are bad. They are. But governmental police powers exercised without controls are much, much worse. I'd rather have spammers than Oceania (from Orwell's 1984). --karl--
Well, I have to admire your dogged creativity in defending the privacy rights of criminals
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections.
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity? R's, John
On 01/17/2010 07:58 PM, John R. Levine wrote:
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections.
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity?
If a situation seems obvious then it ought to be easy to prove by evidence before an impartial trier of the fact. Judges and juries aren't so blind that they would take a great deal of time to bring a guilty verdict. So why the rush to condemn on mere accusation? --karl--
Karl Auerbach wrote:
On 01/17/2010 07:58 PM, John R. Levine wrote:
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections.
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity?
If a situation seems obvious then it ought to be easy to prove by evidence before an impartial trier of the fact. Judges and juries aren't so blind that they would take a great deal of time to bring a guilty verdict.
So why the rush to condemn on mere accusation?
And who's going to pay the court costs? Does LE react to each and every spam/scam? No. The simple reality is than from a law enforcement perspective the people are an amoebic mass and only the worst cases are investigated as permitted by resources and funding. Add to that the jurisdiction issue. The issue does not always end on the shores of the USA. It is extremely easy to sometimes trace the perpetrators sitting safely in another country. In fact they brazenly advertise on the net (and no, it's not a joe job). You could argue the brand owners must press charges. But then once again they may or may not chose to do so. However where does that leave me as an individual? Do I have no right? Could I suggest we pass ten spams and/or scams to you and you show us how you handle it as per your processes and then we measure it's effectiveness?
On 01/18/2010 01:20 AM, Derek Smythe wrote:
Karl Auerbach wrote:
On 01/17/2010 07:58 PM, John R. Levine wrote:
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections.
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity?
If a situation seems obvious then it ought to be easy to prove by evidence before an impartial trier of the fact. Judges and juries aren't so blind that they would take a great deal of time to bring a guilty verdict.
So why the rush to condemn on mere accusation?
And who's going to pay the court costs?
And who is going to pay the damage of vigilantism to the innocent who are harmed? Who is paying today for the damages, emotional and financial, that accrue through today's privacy busting "whois". Sure, good law enforcement costs money. But we have become stingy and opposed to taxes. Is it fair to complain that we gotten exactly what we (didn't) pay for?
Does LE react to each and every spam/scam? No.
If it is high on your community's priority then your community can adjust law enforcement's priorities and pay the costs.
Add to that the jurisdiction issue. The issue does not always end on the shores of the USA. It is extremely easy to sometimes trace the perpetrators sitting safely in another country. In fact they brazenly advertise on the net (and no, it's not a joe job).
Let me get this straight - in order to ram a vigilante noose onto a foreigner who is merely accused you want to violate the privacy of internet user? If you believe that the legal system, particularly the international legal system, is slow, unresponsive, or expensive then the solution is to find ways to speed it up, make it respond to your community's concerns, and reduce the cost, not to create a new Committee of Public Safety with every one of us a Robespierre sending those we accuse, without trial, to Madame Guillotine?
You could argue the brand owners must press charges.
Those of us who have trademarks (myself included) tend to be among the more affluent and we have access to lawyers and a mildly mature system to obtain foreign response to our complaints. Those who have trademarks have no elevated right that allows them to run roughshod over the rights of others.
Could I suggest we pass ten spams and/or scams to you and you show us how you handle it as per your processes and then we measure it's effectiveness?
This isn't about spam, it is about every self-justifying cowboy penetrating all of our privacy. Again and again history has shown us that sacrificing justice on the altar of expediency often leads to very unpleasant effects vastly worse than the original problem. --karl--
Karl Auerbach wrote:
On 01/18/2010 01:20 AM, Derek Smythe wrote:
Karl Auerbach wrote:
On 01/17/2010 07:58 PM, John R. Levine wrote:
What I object to is the leaping to the conclusion that someone is a criminal and thus, without any process or third party review, stripping that person of fifth, sixth, and fourteenth amendment protections.
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity?
If a situation seems obvious then it ought to be easy to prove by evidence before an impartial trier of the fact. Judges and juries aren't so blind that they would take a great deal of time to bring a guilty verdict.
So why the rush to condemn on mere accusation?
And who's going to pay the court costs?
And who is going to pay the damage of vigilantism to the innocent who are harmed?
vigilantism? Pardon me, I have helped numerous victims become aware of their details being used in ID fraud. I have helped a bank identify the perpetrator where they we going to go after a US citizen.
Who is paying today for the damages, emotional and financial, that accrue through today's privacy busting "whois".
Sure, good law enforcement costs money. But we have become stingy and opposed to taxes. Is it fair to complain that we gotten exactly what we (didn't) pay for?
Does LE react to each and every spam/scam? No.
If it is high on your community's priority then your community can adjust law enforcement's priorities and pay the costs.
We do take care of our issues. Right now we have people committing identity fraud registering domains with US citizens details at a registrar in Australia. Then the party layers it with privacy whois. The only problem was that in two linked scams, one domain used a .US domain. The rest is history. However, you may wish to read up on the EFCC - not my country and the only reason certain parties can still run around brazenly stealing identities and credit card details of your fellow American US citizens and registering domains with them.
Add to that the jurisdiction issue. The issue does not always end on the shores of the USA. It is extremely easy to sometimes trace the perpetrators sitting safely in another country. In fact they brazenly advertise on the net (and no, it's not a joe job).
Let me get this straight - in order to ram a vigilante noose onto a foreigner who is merely accused you want to violate the privacy of internet user?
If you believe that the legal system, particularly the international legal system, is slow, unresponsive, or expensive then the solution is to find ways to speed it up, make it respond to your community's concerns, and reduce the cost, not to create a new Committee of Public Safety with every one of us a Robespierre sending those we accuse, without trial, to Madame Guillotine?
Not "my" community ...
You could argue the brand owners must press charges.
Those of us who have trademarks (myself included) tend to be among the more affluent and we have access to lawyers and a mildly mature system to obtain foreign response to our complaints.
Those who have trademarks have no elevated right that allows them to run roughshod over the rights of others.
Could I suggest we pass ten spams and/or scams to you and you show us how you handle it as per your processes and then we measure it's effectiveness?
This isn't about spam, it is about every self-justifying cowboy penetrating all of our privacy.
No - I am saying that you also take responsibility via your defined acceptable channels for resolving ten issues. We are representing the users after all. So do you accpt the challenge or not?
Again and again history has shown us that sacrificing justice on the altar of expediency often leads to very unpleasant effects vastly worse than the original problem.
So I guess then their is no cure for an issue that starts at the time of domain registrations (unverified domain registrations - provention vs cure) and we should just give up and sacrifice the casual user to each and every internet miscreant. I think not! Derek
So, just so I understand, you think that there is a non-zero chance that pillz spam is advertising legal prescription drugs, and 419 spam is offering a legitimate business opportunity?
If a situation seems obvious then it ought to be easy to prove by evidence before an impartial trier of the fact. Judges and juries aren't so blind that they would take a great deal of time to bring a guilty verdict.
So why the rush to condemn on mere accusation?
Hi. Could you take a quick look at a calendar and verify that it is now 2010, not 1995? On today's Internet, the mail flow is between 90% and 95% spam. To flip those numbers around, there are between 10 and 20 spams sent for every real message. Large providers like AOL and Hotmail get upwards a billion (with a B, 10^9) spams every day, hammering on their systems, 24/7. The only way to keep anyone's mailbox halfway usable is draconian filtering using a lot of heuristics. The people who run these systems are acutely aware of the balancing act between getting the legit mail into the mailboxes, and keep the spam out, and at some point, if you're sending mail that looks just like spam, well, sorry, it's not worth leaking a million spams into inboxes to cater to you. The suggestion that we should wait for the courts to deal with spam one at a time is so breathtakingly inane that I don't know where to start refuting it. So I won't bother, other than to suggest that it's approximately as sensible as building a network of superhighways, and saying oh, there's no need for licenses or safety inspections, we'll just have the police and the courts deal with the unsafe drivers and the accidents. Finally, your suggestion that law enforcement does not devote resources to dealing with online crime, is both stunningly uninformed and frankly insulting to a lot of police in a lot of countries who devote a great deal of effort to dealing with a really hard problem. I've personally worked with the USDOJ, the New Zealand DIA, and Industry Canada working against online crime, and I know people working onit in countries on every continent. When you have spam sent to US recipients advertising "Canadian" pills actually made in India and sold by a New Zealand citizen living in Australia, it takes a lot of effort even to identify the responsible parties. R's, John
In this case the defendants were sending porn spam from addresses hidden behind WHOIS privacy services, which the court agreed was fraudulent.
From my read, the defendants didn't actually use a private registration service. They intentionally falsified their whois data. At trial, they then used the example of a proxy service as an example of something legitimate that, they believed, showed the vagueness of the statute. The court disagreed that the statute was vague, but the proxy service part of the decision was a hypothetical. -- Bret
In this case the defendants were sending porn spam from addresses hidden behind WHOIS privacy services, which the court agreed was fraudulent.
From my read, the defendants didn't actually use a private registration service. They intentionally falsified their whois data. At trial, they then used the example of a proxy service as an example of something legitimate that, they believed, showed the vagueness of the statute. The court disagreed that the statute was vague, but the proxy service part of the decision was a hypothetical.
You are 100% correct not in the appeal or the conviction there is a mention that these guys used a WHOIS proxy, they provided false information and even impersonated other people. Rgds
In this case the defendants were sending porn spam from addresses hidden behind WHOIS privacy services, which the court agreed was fraudulent.
From my read, the defendants didn't actually use a private registration service. They intentionally falsified their whois data. At trial, they then used the example of a proxy service as an example of something legitimate that, they believed, showed the vagueness of the statute. The court disagreed that the statute was vague, but the proxy service part of the decision was a hypothetical.
Bret, you are correct -- Defendants were not using a privacy service. But the Court said, "Based on the plain meaning of the relevant terms discussed above, private registration for the purpose of concealing the actual registrants identity would constitute material falsification. makes it illegal. "
But the Court said, "Based on the plain meaning of the relevant terms discussed above, private registration for the purpose of concealing the actual registrant’s identity would constitute “material falsification.” makes it illegal. "
WRONG. Why don't you quote the entire article ? What the Court said was within the context of the case and in response to the defendant attorneys stupid argument about material falsification in relation to the constitutional vagueness of some terms and how the Court interpretation of those terms would affect innocent people. The Court exactly said: "[15] Defendants also argue that the definition of “material falsification” renders § 1037 unconstitutionally vague specifically as to whether it would criminalize private registration of a domain name. As testified to at trial, private registration is a service that allows registration of a domain name in a manner that conceals the actual registrant’s identity from the public absent a subpoena. We fail to perceive any vagueness on this point. Based on the plain meaning of the relevant terms discussed above, private registration for the purpose of concealing the actual registrant’s identity would constitute “material falsification.” Defendants assert that many innocent people who privately register without the requisite intent may be subject to investigation for violation of § 1037 until their intent can be determined, allowing for abuse by enforcement authorities. This may be so, but it does not make the statute unconstitutionally vague. As we recently noted, “ ‘[w]hat renders a statute vague is not the possibility that it will sometimes be difficult to determine whether the incriminating fact it establishes has been proved; but rather the indeterminacy of precisely what that fact is.’ ” Shales, 546 F.3d at 973 (quoting Williams, 128 S. Ct. at 1846). While determining as a factual matter whether the requisite intent for culpability under § 1037 exists may prove difficult, this does not demonstrate that the concept of intent as used in the statute is an entirely indeterminate, subjective one. Hence, the problem Defendants identify is irrelevant to the vagueness inquiry. " Hence, again you can not take just a sentence out of context and from 35 pages and create a blank statement saying "makes it illegal", CAN-SPAM does not said that, the Court Order after the trial does not said that and the response to the appeal does not said that. The defendants' argument is as stupid as when during trial the defense attorney argued for a new trial because they complained that one of the jurors that ended being the jury foreman was looking too much in the direction of the prosecutor's table and computer. You have to put this entirely in the context of the case, these two crooks engaged in an illegal biz before CAN-SPAM, intentionally they tried multiple times and via multiple means to conceal their identity and obfuscate any records pointing to them, they committed fraud and money laundering, they were very aware of how CAN-SPAM was going to affect their biz and with clear intentions (at this instance you also can say "criminal intentions") they increased their efforts to isolate their practice from US law, they provided false statement, they impersonated other people, they obstructed the investigation, they intimidated people. I don't believe it was very difficult for the prosecutors to present the case and for the jury to reach a decision, and they got convicted. Obviously they appealed the conviction and tried to play the unconstitutional trick, it didn't work, they also tried the clerical and procedural error trick, it didn't work either. The Court of Appeal not only affirmed the conviction it remanded it since they had to follow procedure and investigating the claim that there was an error they remanded to correct the error changing three of the counts to felonies instead of a misdemeanor. In summary, no the Court didn't say that keeping your WHOIS data private is illegal. Stop looking for flying pigs or excuses to defend a particular set of interests within ICANN, it's despicable. Got to go, my alien ship is departing. Cheers Jorge
serve, contravenes the country's "CAN SPAM" laws. It ruled that the use of a whois privacy service constitutes a deliberate attempt to mislead internet users.
http://www.domainnamenews.com/legal-issues/whois-privacy-material-falsificat...
What are you getting at exactly?
I believe you guys are taking the interpretation of the Court's response to the appeal way too far. The response does not exactly "ruled that the use of a whois privacy service constitutes a deliberate attempt to mislead internet users." The case is not just about WHOIS data, and you can't take few things here and there out of context and put it as a blank statement. In this case the bad guys were obviously and intentionally trying to "conceal" their identity and contact information, something that on their conviction was considered material falsification. On their appeal they argued that “impair,” “altered,” and “concealed" are vague terms in the definition of material falsification (sounds familiar when in the GNSO we waste a lot of cycles trying to define the meaning of the word meaning whereas it has any meaning), and that this would criminalize private registration of a domain name because "many innocent people who privately register without the requisite intent may be subject to investigation for violation of § 1037." IMHO, extremely stupid attempt/move from their attorney.
Legitimate businesses do not hide behind anonymous domain registrations.
anonymous != private and private does not make it illegitimate.
Now an important US court agrees.
Nope, it does not say that. It just says that these two crooks deserve what they've got and probably more for trying to obstruct and twist things around. Obviously a complete different context but you are an IETFer so you most probably know that "would" != "shall." Also falsified information or anonymous != private, legitimate business and decent people (I do) may want to keep their contact information private, I don't believe that registering a domain name gives them the right to provide false information but IMHO they have the right to keep it private and we should argue and fight to keep it that way. You also said "In this case the defendants were sending porn spam from addresses hidden behind WHOIS privacy services", the appeal does not says that, it says: "Defendants had their employees place fictitious information in the headers of their bulk emails. Defendants’ employee Jennifer Clason created nonsensical domain names and matched them with generic user names to generate a series of different email addresses that were almost certainly nonfunctional. These were placed in the “From” field of the headers of each email sent out. Another employee of Defendants, Kirk Rogers, designed a program utilized by Defendants that generated non-functioning email addresses in the “From” field by combining the domain name used to send each email with the recipient of the email’s user name. In addition, the email address appearing in the “From” field and “Return-Path” field of the headers of Defendants’ emails differed, indicating at least one was false." Notice the "nonsensical domain names", where do you register those ? About the WHOIS data says: "Defendants also falsified information appearing in the registration of the domain names they used. The registrant for each of the emails was listed as Ganymede Marketing. The correct physical address for Ganymede was listed, but the contact person and phone number listed were false. The email listed in the registration was never tested for functionality, though the evidence indicates that at some point it became invalid. A reverse look-up of the internet provider address appearing in the email headers came back to a different entity, Kobalt Networks, registered in the Netherlands." I don't see any reference to "private or anonymous registration" there, they blatantly and intentionally provided false information. I find extremely troubling that somebody person/company is being tagged as not "legitimate" because she/he/it cares about its privacy. My .02 Jorge
participants (9)
-
Bill Silverstein -
Bret Fausett -
Derek Smythe -
Evan Leibovitch -
John R. Levine -
Jorge Amodio -
Karl Auerbach -
Michele Neylon :: Blacknight -
Wendy Seltzer